P. D. Bojovic

P. D. Bojovic, I. Basicevic, S. Ocovaj et al.

This paper presents a hybrid method for the detection of distributed denial-of-service (DDoS) attacks that combines feature-based and volume-based detection. Our approach is based on an exponential moving average algorithm for decision-making, applied to both entropy and packet number time series. The approach has been tested by performing a controlled DDoS experiment in a real academic network. The network setup and test scenarios including both high-rate and low-rate attacks are described in the paper. The performance of the proposed method is compared to the performance of two methods that are already known in the literature. One is based on the counting of SYN packets and is used for detection of SYN flood attacks, while the other is based on a CUSUM algorithm applied to the entropy time series. The results show the advantage of our approach compared to methods that are based on either entropy or number of packets only.

P. D. Bojovic, K. Savic

The security of the service and the system depends on the security of each of them components of this system. An attack on the routing protocol may be inaccurate functioning of the computer network. In some cases this is possible The attacker comes to data or artificial information for which he is not entitled. OSPF protocol is the most commonly used connection protocol. U In this paper, we conducted an OSPF security analysis and described it security mechanisms. ----- Bezbednost nekog servisa i sistema zavisi od bezbednosti svake komponente tog sistema. Napad na protokol rutiranja može proizvesti neispravno funkcionisanje računarske mreže. U pojedinim slučajevima moguće je da napadač dođe do podataka ili umetne podatke za koje nema pravo. OSPF protokol je najrasprostranjeniji protokol stanja linka (link-state protocol). U ovom radu izvršili smo analizu bezbednosti OSPF protokola i opisali njegove bezbednosne mehanizme.